by Shawn Duffy | Aug 18, 2023 | Blog, CMMC, Data Protection, Department of Defense, DOD, News
In an increasingly interconnected world, where digital systems play a pivotal role in various sectors, cybersecurity has emerged as a critical concern. Among the sectors most vulnerable to cyber threats is the defense industry, which handles sensitive information and...
by Shawn Duffy | Jun 19, 2023 | Blog, CMMC, Compliance, continuous monitoring, DFARS, Featured, Security Awareness Training, SPRS
If you are a prime or subcontractor to the DOD, the DFARS compliance requirement is something you already know. We have been discussing “adequate security” from clause 7012 for some time now. Your service provider may not be able to assess how close you...
by Shawn Duffy | Sep 9, 2022 | CMMC 2.0, Assessments, Blog, CMMC, Compliance, Featured, Incidence Response, risk assessment, Security Awareness Training
If you’re a defense industrial base (DIB) contractor, you’re already aware you need to meet compliance requirements in the new CMMC system, which goes live May 2023. Most government contractors are required to meet CMMC Level 2 requirements. When in...
by Shawn Duffy | Nov 30, 2021 | CMMC, Blog, Compliance, Department of Defense, SPRS
As CMMC continues to mature, we want to ensure you keep up to date with the latest news, and we want to help your organization meet the DoD Interim Rule while it remains in effect. Large prime contractor companies like General Dynamics, Northrop Grumman, and Raytheon...
by Shawn Duffy | Nov 9, 2021 | CMMC, Assessments, Blog, CMMC 2.0, Department of Defense, DFARS, DOD, News, POA&M, SPRS, vulnerability
As you may have seen last week, the new CMMC 2.0 has been released, which reverts us back to the NIST 800-171 set of security controls and families. It also allows for both a Plan of Actions & Milestones (POA&M) and self-assessments. This is great news for...
by Shawn Duffy | Sep 28, 2021 | CMMC, C3PAO, RPO
Government contractors are figuring out that bidding or working on non-public government contracts, eventually, they will need to be compliant. Right now, that consists of working toward CMMC certification and self-assessing compliance status through the Supplier...
